social.kernel.org

K. Ryabitsev

@monsieuricon Moderator

Posts

1638

Following

215

Followers

2177

Director of Linux Foundation IT. Currently in charge of kernel.org infra.

This account is for Linux/Kernel/FOSS topics in general: #linux, #kernel, #foss, #git, #sysadmin, #infrastructure.

For my personal account, please follow @monsieuricon@castoranxieux.ca.

Montréal, Québec, Canada 🇨🇦🇺🇦

K. Ryabitsev

monsieuricon

1 month ago

Reply to @justin@toot.io

@justin @djh it doesn't seem to make any difference what code we return -- my guess is that we're just one of the sites the check hits. If it gets an error, it just checks a different site.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @bladecoder@androiddev.social

@bladecoder not quite -- the requests are http, not https. Also, I doubt there are tens of millions of daily NewPipe users out there. :)

K. Ryabitsev

monsieuricon

1 month ago

Reply to @palmer

@palmer lol, I'll try this. :)

K. Ryabitsev

monsieuricon

1 month ago

Jeg er veldig smart.

Don't ask me why I'm learning Norsk, it's a secret, but my Duo username may give a hint.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @srtcd424@mas.to

@srtcd424 @bencardoen @tony this would be a lot of work for not obvious gain. My guess is that we're not the only host they check, so this may go completely unnoticed by the app makers, so we'll spend a lot of effort for minimal gain.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @josh@joshanders.com

@josh Good guess, I do see significantly more of this traffic on our Singapore and Amsterdam nodes.

K. Ryabitsev

monsieuricon

1 month ago

Reply to

@tony @bencardoen Yes, that's my current suspect as well -- some popular Android clone either on mobile or some set-top box. The number of unique IPs is in tens of millions, so it's probably a mobile app.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @bencardoen@mstdn.science

@bencardoen Trouble is, I'm usually seeing the IP of the NAT routing endpoint, not the actual device, so this doesn't tell me very much.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @djh@chaos.social

@djh I thought about that, but my firewall match table would get huge and it would cause problems in itself. That's 12,000,000 unique IPs just on one single node.

K. Ryabitsev

monsieuricon

1 month ago

Reply to

@artandtechnic It doesn't look like that -- the only records I have from the IPs that do that is that one GET /. They may or may not come back a few times a day, but nothing definitive.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @monsieuricon

I do have a solution in mind if it gets bad -- we already have cdn.kernel.org going through Fastly, so I will just point www.kernel.org to go through there, too. I am mostly perplexed and unamused that someone's quick thoughtless hack is starting to cause us problems.

K. Ryabitsev

monsieuricon

1 month ago

x.x.x.x - - [10/Nov/2024:00:02:37 +0000] "GET / HTTP/1.1" 301 162 "-" "okhttp/4.9.0"

You know what’s interesting about this log line? It repeats 56,686,963 times in www.kernel.org logs for yesterday, across 4 nodes. That’s about 700 times a second, and this has been going on for months.

These requests aren’t intentionally malicious – they issue a simple GET /, receive their 301 redirect, and terminate the connection. From what I can tell, this is some kind of appliance or software installed on mobile clients that uses “can I reach www.kernel.org” as a network test.

This wouldn’t be that big of a deal – a single plaintext “GET /“ that triggers an immediate 301 is very cheap for us to generate, but the number of these requests has been steadily growing.

If you have any idea what this is and how to make it stop, please reach out?

511

305

K. Ryabitsev

monsieuricon

1 month ago

Reply to @olivvybee@honeycomb.engineer

@olivvybee That strikes a chord, but don't fret -- I'm sure it's just A minor setback.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @lkundrak@metalhead.club

@lkundrak I know, I now actually have to be productive for the rest of the day and can't use the excuse of needing to fix my workstation to procrastinate.

K. Ryabitsev

monsieuricon

1 month ago

Update to Fedora-41 was completely uneventful.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @oleksandr@natalenko.name

@oleksandr not .arj?

K. Ryabitsev

monsieuricon

1 month ago

Reply to @tivasyk@mastodon.social

@tivasyk эпоха трёх ёбнутых дедов -- Трамп, Си и Путин.

K. Ryabitsev

repeated

Staff Chief of Joints

the_etrain@beige.party

1 month ago

Not now honey. Daddy's checking to see if anyone liked the stupid joke he posted on the internet.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @spot@social.afront.org

@spot they turned us down in the past, but I can try again for sure.

K. Ryabitsev

monsieuricon

1 month ago

Reply to @boramalper@mastodon.social

@boramalper it's super expensive to run and the only reason we can afford it is because it was donated by Equinix. E.g. we need 70TB of fast random access storage and terabytes of bandwidth every hour. Times four worldwide frontends.

Show older

About social.kernel.org

Terms of service

Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.
"Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.
You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).
There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

You are listed in MAINTAINERS or CREDITS
OR: You have a kernel.org account or email address
OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account:

How to request an account on social.kernel.org